It’s not uncommon to read about data breaches in the news. As the saying goes, “an ounce of prevention is worth a pound of cure,” and the same is true of the security best practices and technologies that can protect modern personal data from breaches.
When it comes to your private data and personal information, a data center has the responsibility to make sure its hyperscale provider has the right security measures in place, through both hardware-based and software-based security.
Seven-Layer Security
The key to a layered security approach is that every protection and detection measure works in concert, building on the others’ strengths and together providing the capabilities needed to compensate for any one measure’s weakness. With comprehensive security coverage at every layer, businesses minimize their overall risk exposure.
- Policies, Procedures, and Awareness Layer – This takes into account certifications and audit completions including SSAE 16, ANSI/TIA-942 Tier III+, PCI-DSS, and HIPAA, among others, in addition to background investigations, security clearances, mandatory security training, incident response policies and disaster preparedness.
- Physical Layer – This is all about locks, guards, and cameras. Physical security starts with location and factors in environmental controls, which include authorization, authentication, and access for both people and equipment.
- Perimeter Layer – At the network perimeter layer, security measures include stateful firewalls, anti-virus/anti-malware, virtual private networks and access point security, and security information and event management.
- Network Layer – This refers to the internal local area network (LAN) and wide area network (WAN). Security considerations may include intrusion detection systems and intrusion prevention systems, network vulnerability assessment, data loss prevention, and security information and event management, among others.
- Host Layer – This is all about devices: servers, desktops, switches, routers, wireless access points, etc. Security systems include antivirus and anti-malware applications, intrusion detection and prevention software, spyware tools, personal firewalls, and OS hardening.
- Application Layer – The security of the application layer focuses on the contents of traffic reaching applications. Security measures should cover both server-side and client-side exposures, with measures for source code analysis, application-level firewalls, input validation, and vulnerability scanning.
- Data Layer – This is arguably the most critical, and therefore the most insulated, layer. Ultimately, customers must protect their data. Security at this layer ensures all parties have controls in place to secure access, including passwords, remote access authorization, data encryption, and file, disk, and removable media encryption.
Consider these three elements of layered security when talking to potential data centers:
- A comprehensive layered approach can’t be accomplished by the customer alone. It must be addressed in partnership with vendors and their respective areas of expertise.
- Inspection is required from every angle, at every layer, in order to avoid blind spots.
- Organizations must inspect a potential data center's security measures, because those measures become your own.
You can stay out of the news and in a safe computing environment when hardware and software security are at the top of your list in selecting a new data center. Your brand, business, and customers will benefit. To learn about Aligned security protocols and solutions, schedule a tour today!